SV0 Platform Mental Model
Connectors, data model, identity mapping, and risk classification.
This document bridges the gap between "what the connectors discover" and "what the platform stores and evaluates." Read this before setting up a dev environment, debugging connector output, or explaining the system to a non-developer.
High-Level Data Flow
Text diagram
┌─────────────────┐
│ SV0 Platform │
│ (MongoDB) │
└────────▲─────────┘
│
POST /api/v1/ingest/
normalized-graph
│
┌──────────────┼──────────────┐
│ │ │
┌────────┴───────┐ ┌───┴────────┐ ┌───┴──────────┐
│ entra-servicenow│ │azure-foundry│ │ future: │
│ connector │ │ connector │ │ github, aws │
└────────┬───────┘ └───┬────────┘ └───┬──────────┘
│ │ │
┌─────┴─────┐ ┌────┴────┐ ┌────┴────┐
│ │ │ │ │ │
ServiceNow Azure Azure ARM GitHub AWS
REST API Graph Foundry RBAC API API
API API
Each connector:
- Discovers raw data from source systems
- Correlates across systems (e.g., SN OAuth client_id = Azure SP appId)
- Classifies (egress, origin, risk group, ownership)
- Transforms into NormalizedGraph JSON
- POSTs to platform ingestion endpoint
Core Entity Model (9 Entity Types)
Text diagram
┌──────────┐
│ OWNER │ (human accountability)
└────┬─────┘
│ OWNED_BY
▼
┌──────────┐ HAS_ROLE ┌──────────┐ RUNS_AS ┌──────────┐
│ ROLE │◄───────────│ IDENTITY │◄────────────│ WORKLOAD │
└────┬─────┘ └────┬─────┘ └────┬─────┘
│ GRANTS │ AUTHENTICATES_AS │ INVOKES
▼ ▼ ▼
┌──────────┐ ┌──────────┐ ┌──────────┐
│PERMISSION│ │CREDENTIAL│ │CONNECTION│
└────┬─────┘ └──────────┘ └──────────┘
│ APPLIES_TO USES ▲
▼ │
┌──────────┐ (from CONNECTION
│ RESOURCE │ to CREDENTIAL)
└──────────┘
┌──────────────────┐
│EXECUTION EVIDENCE│ (proof of activity)
└──────────────────┘
EVIDENCES ──▶ WORKLOAD/IDENTITY
Three paths through the model
Execution path (what runs and how): Workload → RUNS_AS → Identity → AUTHENTICATES_AS → Credential
Authorization path (what permissions exist): Identity → HAS_ROLE → Role → GRANTS → Permission → APPLIES_TO → Resource
Governance path (who is accountable): Owner → OWNED_BY → Identity/Workload
All 19 edge types
CALLS, INVOKES, USES, AUTHENTICATES_AS, AUTHENTICATES_TO, OWNED_BY, BELONGS_TO, HAS_ROLE, GRANTS, APPLIES_TO, EXECUTES_ON, RUNS_AS, TRIGGERS_ON, CREATED_BY, DELEGATES_TO, APPROVED_BY, MEMBER_OF, EVIDENCES, AUTHENTICATES_VIA (deprecated)
Cross-System Identity Mapping
ServiceNow ↔ Azure Entra Correlation
Text diagram
┌─ ServiceNow ──────────────────────┐ ┌─ Azure Entra ──────────────┐
│ │ │ │
│ Business Rule ──────┐ │ │ │
│ Script Include ─────┤ (scripts │ │ │
│ Flow Designer ──────┤ reference) │ │ │
│ Scheduled Job ──────┘ │ │ │
│ │ │ │ │
│ ▼ │ │ │
│ REST Message ───▶ REST Method │ │ │
│ │ │ │ │
│ ▼ │ │ │
│ OAuth Entity ─────────────────────┼─────┼──▶ Service Principal │
│ (client_id) ═══ MATCH ═══════════ │ │ (appId) │
│ │ │ │ │
│ │ │ ▼ │
│ │ │ App Role Assignments │
│ │ │ OAuth2 Permission Grants │
│ │ │ │ │
│ │ │ ▼ │
│ │ │ Sign-in Logs │
│ │ │ (execution evidence) │
└────────────────────────────────────┘ └─────────────────────────────┘
The key correlation point: ServiceNow OAuth Entity client_id matches Azure SP appId.
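As an added example (not SV0's own connector code), the correlation step above, joining ServiceNow OAuth Entities to Entra service principals on client_id == appId and emitting NormalizedGraph-style entities and edges; the record fields, id scheme and JSON layout are assumptions for illustration.

```python
# Added illustration, not the platform's connector code. The input record
# shapes and the entity/edge JSON layout are assumptions.
from typing import Any

# Constructed sample records, modelled on the fields named in the mapping tables.
SN_OAUTH_ENTITIES = [
    {"sys_id": "sn-oauth-1", "name": "Graph Sync", "client_id": "11111111-aaaa-4bbb-8ccc-000000000001"},
    {"sys_id": "sn-oauth-2", "name": "Legacy ERP", "client_id": "22222222-aaaa-4bbb-8ccc-000000000002"},
]
AZURE_SERVICE_PRINCIPALS = [
    {"id": "obj-9001", "appId": "11111111-AAAA-4BBB-8CCC-000000000001", "displayName": "graph-sync-app"},
    {"id": "obj-9002", "appId": "33333333-aaaa-4bbb-8ccc-000000000003", "displayName": "unrelated-app"},
]


def correlate(sn_oauth: list[dict], azure_sps: list[dict]) -> dict[str, Any]:
    """Return NormalizedGraph-style entities, edges, and the credentials left unmatched."""
    entities, edges, unmatched = [], [], []
    # Every discovered SP becomes an identity entity, matched or not.
    for sp in azure_sps:
        entities.append({"id": f"azure:identity:{sp['id']}", "type": "identity",
                         "subtype": "service_principal",
                         "attributes": {"appId": sp["appId"], "object_id": sp["id"]}})
    # Index by lower-cased appId: different APIs render the same GUID in mixed case.
    sp_by_app_id = {sp["appId"].lower(): sp for sp in azure_sps}
    for cred in sn_oauth:
        cred_id = f"servicenow:credential:{cred['sys_id']}"
        entities.append({"id": cred_id, "type": "credential", "subtype": "oauth_provider",
                         "attributes": {"client_id": cred["client_id"]}})
        sp = sp_by_app_id.get(cred["client_id"].lower())
        if sp is None:
            # No SP owns this client_id: a candidate for the evaluator's
            # unresolved_cross_system_auth rule (the rule itself is not shown here).
            unmatched.append(cred_id)
            continue
        # Execution-path edge from the entity model: Identity -> AUTHENTICATES_AS -> Credential
        edges.append({"type": "AUTHENTICATES_AS", "from": f"azure:identity:{sp['id']}", "to": cred_id})
    return {"entities": entities, "edges": edges, "unmatched_credentials": unmatched}
```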
Azure Foundry ↔ ARM RBAC Correlation
Text diagram
┌─ Azure AI Foundry ────────────────┐ ┌─ ARM RBAC ─────────────────┐
│ │ │ │
│ AIServices Account │ │ │
│ │ │ │ │
│ ▼ │ │ │
│ Foundry Project │ │ │
│ │ │ │ │
│ ▼ │ │ │
│ AI Agent (workload) ──────────────┼─────┼──▶ Managed Identity │
│ │ │ │ (object_id match) │
│ ▼ │ │ │ │
│ Connections (to resources) │ │ ▼ │
│ - Azure OpenAI │ │ Role Assignments │
│ - Azure AI Search │ │ (Contributor, Reader...) │
│ - Azure Storage │ │ │ │
│ │ │ │ ▼ │
│ ▼ │ │ Scoped Resources │
│ Thread Runs (execution evidence) │ │ (/subscriptions/...) │
└────────────────────────────────────┘ └─────────────────────────────┘
The key correlation point: AIServices account identity.principalId matches Entra SP id (object ID).
Source System → Platform Entity Mapping
ServiceNow
| ServiceNow Concept | Platform Entity | Subtype | Notes |
|---|---|---|---|
| Business Rule | workload | business_rule | Server-side automation on table events |
| Script Include | workload | script_include | Reusable server script library |
| Flow Designer Flow | workload | flow_designer_flow | Low-code automation |
| Scheduled Job | workload | scheduled_job | Cron-like recurring task |
| REST Message | connection | rest_message | Outbound API endpoint |
| OAuth Entity | credential | oauth_provider | OAuth config (holds client_id) |
| OAuth Profile | credential | oauth_profile | Instance of OAuth config |
| Machine Account | identity | machine_account | Non-human SN user |
| Integration User | identity | integration_user | Service account |
| sys_user (human) | owner | human_identity | Accountability assignment |
Azure Entra ID
| Azure Concept | Platform Entity | Subtype | Notes |
|---|---|---|---|
| Service Principal | identity | service_principal | App identity in the tenant |
| Managed Identity | identity | service_principal | System/user-assigned MI |
| App Role Assignment | role | — | Role granted to SP |
| API Permission (Application) | permission | varies | OAA-canonicalized |
| API Permission (Delegated) | permission | varies | User-context permissions |
| Sign-in Log | execution_evidence | — | Proof of SP activity |
| Owner (on App Reg) | owner | human_identity | App registration owner |
Azure AI Foundry
| Foundry Concept | Platform Entity | Subtype | Notes |
|---|---|---|---|
| AIServices Account | (context) | — | Groups projects |
| Foundry Project | (context) | — | Groups agents and connections |
| AI Agent | workload | ai_agent | Autonomous AI workload |
| Agent Connection | connection | varies | Link to Azure OpenAI, Search, etc. |
| Managed Identity | identity | service_principal | Agent's runtime identity |
| ARM Role Assignment | role + permission | — | RBAC on Azure resources |
| Thread Run | execution_evidence | — | Proof of agent execution |
OAA Permission Canonicalization
Raw permissions from source systems are mapped to a 10-type canonical model:
Data operations: DataRead, DataWrite, DataCreate, DataDelete
Config operations: MetadataRead, MetadataWrite, MetadataCreate, MetadataDelete
Other: NonData (execute without mutation), Uncategorized
Examples:
| Raw Permission (Azure) | Canonical Type | Privileged? |
|---|---|---|
| Directory.ReadWrite.All | MetadataWrite | Yes |
| User.Read.All | DataRead | No |
| Mail.Send | DataWrite | Yes (PII) |
| Application.ReadWrite.All | MetadataWrite | Yes |
| Files.ReadWrite.All | DataWrite | Yes |
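An added example (not the platform's canonicalizer) of a heuristic that maps "Resource.Action.Scope" permission strings onto the 10-type canonical model and derives the Privileged? flag from whether the operation mutates; the resource and verb tables are assumptions chosen to reproduce the rows above, and the privileged rule assumes "mutating operation" as the table's pattern shows.

```python
# Added illustration, not SV0's real canonicalization rules. METADATA_RESOURCES
# and ACTIONS are assumed tables that reproduce the examples in the table above.
CANONICAL_TYPES = {
    "DataRead", "DataWrite", "DataCreate", "DataDelete",
    "MetadataRead", "MetadataWrite", "MetadataCreate", "MetadataDelete",
    "NonData", "Uncategorized",
}
# Resources whose permissions change tenant/app configuration rather than data.
METADATA_RESOURCES = {"Directory", "Application"}
# Action word -> canonical operation. ReadWrite collapses to Write, the more
# privileged of the two operations it grants; Send mutates (creates mail).
ACTIONS = {"Read": "Read", "ReadWrite": "Write", "Send": "Write",
           "Create": "Create", "Delete": "Delete"}
PRIVILEGED_OPS = {"Write", "Create", "Delete"}  # assumed: mutating ops are privileged


def canonicalize(raw: str) -> tuple[str, bool]:
    """Return (canonical_type, privileged) for a raw permission string."""
    parts = raw.split(".")
    if len(parts) < 2:
        return "Uncategorized", False
    resource, action = parts[0], parts[1]
    op = ACTIONS.get(action)
    if op is None:
        # Unknown verb: do not guess, leave it for manual review.
        return "Uncategorized", False
    kind = "Metadata" if resource in METADATA_RESOURCES else "Data"
    ctype = f"{kind}{op}"
    assert ctype in CANONICAL_TYPES  # the tables above can only produce valid types
    return ctype, op in PRIVILEGED_OPS
```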
Risk Classification Model
Text diagram
┌────────────────────────────┐
│ EGRESS CATEGORY │
│ (where does data go?) │
├────────┬─────────┬──────────┤
│ LLM │External │ Internal │
┌───────────┼────────┼─────────┼──────────┤
│ HR/ │ RG1 │ RG2 │ RG4 │
ORIGIN │ Identity │ (high) │ (high) │ (low) │
(what ├───────────┼────────┼─────────┼──────────┤
data?) │ Customer/ │ RG1 │ RG2 │ RG4 │
│ Financial │ (high) │ (high) │ (low) │
├───────────┼────────┼─────────┼──────────┤
│ Config/ │ RG3 │ RG3 │ RG5 │
│ System │ (med) │ (med) │ (low) │
└───────────┴────────┴─────────┴──────────┘
- RG1 = Sensitive data flowing to LLM (highest risk)
- RG2 = Sensitive data flowing to external systems
- RG3 = Config/system data flowing out
- RG4 = Sensitive data staying internal
- RG5 = Config/system data staying internal
Findings Pipeline
Text diagram
NormalizedGraph ingested
│
▼
┌─────────────────────┐
│ Graph Transformer │ builds entities, relationships,
│ │ execution paths, accessible_by
└─────────┬───────────┘
│
▼
┌─────────────────────┐
│ Evaluator Engine │ runs 15 deterministic rules
│ │ against entity + path state
└─────────┬───────────┘
│
▼
┌─────────────────────┐
│ Findings + Evidence │ created with status: active
│ │ sealed with SHA256 hashes
└─────────────────────┘
15 Finding Types
Ownership issues:
orphaned_ownership, ownership_degraded, ownership_ambiguous, ownership_unknown, ownership_drift
Authority issues:
dormant_authority, privilege_justification_gap, scope_drift, reachability_drift
Execution issues:
unproven_execution, unknown_identity_binding, unresolved_cross_system_auth
Data flow issues:
reachable_sensitive_domain, llm_egress, external_egress
Database Collections (13)
| Collection | What it stores |
|---|---|
| entities | Current state of all platform entities |
| entity_versions | Historical snapshots (temporal queries) |
| events | Change log (2-year TTL) |
| execution_evidence | Sign-in logs, flow runs, job triggers |
| connector_syncs | Sync metadata and status |
| sync_cursors | Pagination state for incremental syncs |
| findings | Detected security findings |
| evidence_packs | Sealed, hashed evidence bundles |
| execution_chains | Automation workflow chains |
| authority_paths | Materialized access paths (pre-computed) |
| baseline_metadata | Point-in-time baselines |
| baseline_entities | Entity copies at baseline time |
| posture_snapshots | Aggregate posture summaries |
Design Principles
- Deterministic only — no ML, no probabilistic scoring
- Read-only connectors — never write back to source systems
- Evidence-grade output — sealed, timestamped, SHA256 hashed
- Multi-tenant — all queries scoped by tenant_id
- Temporal — point-in-time queries, version history, drift detection
- Connector-agnostic normalization — all connectors output the same NormalizedGraph format
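An added example (not the platform's code) of the sealing step named in the Findings Pipeline and the "evidence-grade output" principle: a finding record hashed with SHA256 over its canonical JSON form, then re-verified so that any later change to the record is detected. The record fields and the canonicalization rules are assumptions for illustration.

```python
# Added illustration, not SV0's own sealing code. Field names and the
# canonical-JSON rules are assumptions.
import hashlib
import hmac
import json
from datetime import datetime, timezone
from typing import Optional


def canonical_bytes(record: dict) -> bytes:
    # Deterministic serialisation (sorted keys, no whitespace, UTF-8) so the
    # same evidence always hashes to the same value regardless of dict order.
    return json.dumps(record, sort_keys=True, separators=(",", ":"),
                      ensure_ascii=False).encode("utf-8")


def seal(record: dict, sealed_at: Optional[datetime] = None) -> dict:
    """Return a copy of record with a timestamp and a sha256 over every other field."""
    body = dict(record)
    body["sealed_at"] = (sealed_at or datetime.now(timezone.utc)).isoformat()
    digest = hashlib.sha256(canonical_bytes(body)).hexdigest()
    return {**body, "sha256": digest}


def verify(sealed: dict) -> bool:
    """Recompute the hash over all fields except sha256; compare in constant time."""
    body = {k: v for k, v in sealed.items() if k != "sha256"}
    expected = hashlib.sha256(canonical_bytes(body)).hexdigest()
    return hmac.compare_digest(expected, sealed.get("sha256", ""))


# Constructed finding in the style of the page's finding types and risk groups.
FINDING = {
    "finding_type": "llm_egress",
    "status": "active",
    "workload": "servicenow:workload:br-001",
    "risk_group": "RG1",
    "evidence": {"connection": "servicenow:connection:rm-42", "egress": "LLM", "origin": "HR/Identity"},
}


def demo() -> tuple[bool, bool, bool]:
    """(original verifies, tampered copy fails, sealing is deterministic for a fixed timestamp)."""
    fixed = datetime(2024, 1, 1, tzinfo=timezone.utc)
    sealed = seal(FINDING, fixed)
    tampered = {**sealed, "risk_group": "RG5"}  # downgrade the risk after sealing
    return verify(sealed), verify(tampered), seal(FINDING, fixed) == sealed
```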